cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rajeshbatt...@apache.org
Subject git commit: updated refs/heads/master to 88d4fe8
Date Fri, 01 Aug 2014 07:36:19 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/master 880f186ed -> 88d4fe8a0


 Fixed CLOUDSTACK-7091 VM VNC password should be securely generated


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/88d4fe8a
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/88d4fe8a
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/88d4fe8a

Branch: refs/heads/master
Commit: 88d4fe8a0bd9874e695de41d7a1419b7d24e0301
Parents: 880f186
Author: Rajesh Battala <rajesh.battala@citrix.com>
Authored: Fri Aug 1 12:01:46 2014 +0530
Committer: Rajesh Battala <rajesh.battala@citrix.com>
Committed: Fri Aug 1 13:09:27 2014 +0530

----------------------------------------------------------------------
 engine/schema/src/com/cloud/vm/VMInstanceVO.java | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/88d4fe8a/engine/schema/src/com/cloud/vm/VMInstanceVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/vm/VMInstanceVO.java b/engine/schema/src/com/cloud/vm/VMInstanceVO.java
index c1190dc..d542f33 100644
--- a/engine/schema/src/com/cloud/vm/VMInstanceVO.java
+++ b/engine/schema/src/com/cloud/vm/VMInstanceVO.java
@@ -16,9 +16,10 @@
 // under the License.
 package com.cloud.vm;
 
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.util.Date;
 import java.util.Map;
-import java.util.Random;
 import java.util.UUID;
 
 import javax.persistence.Column;
@@ -36,6 +37,9 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
 
+import org.apache.commons.codec.binary.Base64;
+import org.apache.log4j.Logger;
+
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.utils.db.Encrypt;
 import com.cloud.utils.db.GenericDao;
@@ -48,6 +52,7 @@ import com.cloud.vm.VirtualMachine.State;
 @Inheritance(strategy = InheritanceType.JOINED)
 @DiscriminatorColumn(name = "type", discriminatorType = DiscriminatorType.STRING, length
= 32)
 public class VMInstanceVO implements VirtualMachine, FiniteStateObject<State, VirtualMachine.Event>
{
+    private static final Logger s_logger = Logger.getLogger(VMInstanceVO.class);
     @Id
     @TableGenerator(name = "vm_instance_sq", table = "sequence", pkColumnName = "name", valueColumnName
= "value", pkColumnValue = "vm_instance_seq", allocationSize = 1)
     @Column(name = "id", updatable = false, nullable = false)
@@ -191,13 +196,20 @@ public class VMInstanceVO implements VirtualMachine, FiniteStateObject<State,
Vi
         this.type = type;
         this.guestOSId = guestOSId;
         this.haEnabled = haEnabled;
-        vncPassword = Long.toHexString(new Random().nextLong());
         state = State.Stopped;
         this.accountId = accountId;
         this.domainId = domainId;
         this.serviceOfferingId = serviceOfferingId;
         this.hypervisorType = hypervisorType;
         limitCpuUse = false;
+        try {
+            SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+            byte[] randomBytes = new byte[16];
+            random.nextBytes(randomBytes);
+            vncPassword = Base64.encodeBase64String(randomBytes);
+        } catch (NoSuchAlgorithmException e) {
+            s_logger.error("Unexpected exception in SecureRandom Algorithm selection ", e);
+        }
     }
 
     public VMInstanceVO(long id, long serviceOfferingId, String name, String instanceName,
Type type, Long vmTemplateId, HypervisorType hypervisorType, long guestOSId,


Mime
View raw message